This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Allen_Fambro
Employee
Employee
‎2020-10-13 10:49 AM
Jump to solution

AWS Updateable Objects

Is there a GAIA CLI equivalent to 'domains_tool' (see sk161632) that would allow you to see the list of IP's associated with an Updateable Object directly from the gateway?  The "domains_tool" command only displays domains that are associated with a specific Updateable Object.  However some Updateable Objects like the "Amazon Web Services" object doesn't contain any domains.  Instead it simply contains subnets / IPs.  There has to be some way to see exactly what the gateway is allowing access to/from for auditors, troubleshooting, etc...

Thank you.

0 Kudos
1 Solution

Accepted Solutions
Norbert_Bohusch
Advisor
‎2020-10-14 04:23 AM
Jump to solution

Yes, you can view them with:

# dynamic_objects -uo_show

 

Here an example from lab (output truncated in-between for easier viewing):

[Expert@gw:0]# dynamic_objects -uo_show

 

object name : CP_MS_Office365_All

range 0 : 13.67.50.224           13.67.50.231

range 1 : 13.70.151.216          13.70.151.216

range 2 : 13.71.127.197          13.71.127.197

<snip>

range 447 : 2a01:111:f406:8801::    2a01:111:f406:8801:ffff:ffff:ffff:ffff

range 448 : 2a01:111:f406:a003::    2a01:111:f406:a003:ffff:ffff:ffff:ffff

 

object name : CP_AWS_AMAZON

range 0 : 3.0.0.0                3.1.255.255

range 1 : 3.8.0.0                3.11.255.255

range 2 : 3.16.0.0               3.19.255.255

<snip>

range 416 : 2a05:d07f:e000::       2a05:d07f:e0ff:ffff:ffff:ffff:ffff:ffff

 

Operation completed successfully

[Expert@gw:0]#

 

 

View solution in original post

2 Replies
Norbert_Bohusch
Advisor
‎2020-10-14 04:23 AM
Jump to solution

Yes, you can view them with:

# dynamic_objects -uo_show

 

Here an example from lab (output truncated in-between for easier viewing):

[Expert@gw:0]# dynamic_objects -uo_show

 

object name : CP_MS_Office365_All

range 0 : 13.67.50.224           13.67.50.231

range 1 : 13.70.151.216          13.70.151.216

range 2 : 13.71.127.197          13.71.127.197

<snip>

range 447 : 2a01:111:f406:8801::    2a01:111:f406:8801:ffff:ffff:ffff:ffff

range 448 : 2a01:111:f406:a003::    2a01:111:f406:a003:ffff:ffff:ffff:ffff

 

object name : CP_AWS_AMAZON

range 0 : 3.0.0.0                3.1.255.255

range 1 : 3.8.0.0                3.11.255.255

range 2 : 3.16.0.0               3.19.255.255

<snip>

range 416 : 2a05:d07f:e000::       2a05:d07f:e0ff:ffff:ffff:ffff:ffff:ffff

 

Operation completed successfully

[Expert@gw:0]#

 

 

Allen_Fambro
Employee
Employee
‎2020-10-14 09:05 AM
In response to Norbert_Bohusch
Jump to solution

Thank you.  This is great information and we should update skI1915 with this. 

I should also note that skI1915 does provide more insight around the "dynamic_objects" command.  While it doesn't talk about the "-uo_show" option, it does tell you that the Dynamic Objects are stored in a database (ASCII file) located at $FWDIR/database/dynamic_objects.db.  It seems that the "-uo_show" option was added so that you can display anything in the database with "OBJ_TYPE_UO" which are updateable objects.  Since the database is an ASCII file, you could also use the "more" command to display contents and search thru the file, etc... 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top